Would a Comprehensive Phone Record Database Have Stopped 9/11?

Two weeks ago, when U.S. District Judge Richard
Leon
issued a preliminary injunction against the National Security
Agency’s mass collection of telephone records, he was skeptical of
the government’s claim that the program has been instrumental in
preventing terrorist attacks. “The Government
does not cite a single instance in which
analysis of the NSA’s bulk metadata collection actually stopped an
imminent attack,” he
wrote, “or otherwise aided the Government in achieving any
objective that was time-sensitive in nature.” By contrast, U.S.
District Judge William Pauley, who on Friday
rejected a Fourth Amendment challenge to the NSA’s phone record
dragnet, says “the effectiveness of bulk telephony metadata
collection cannot be seriously disputed.” But Pauley’s most
powerful example is a debatable counterfactual, while the other
cases he cites do not actually show that the NSA’s database has
been crucial in stopping attacks.

Pauley opens his opinion by
arguing that if the telephone metadata program had existed in 2001
it might have helped prevent Al Qaeda’s attacks on the World Trade
Center and the Pentagon:

Prior to the September 11th attacks, the [NSA] intercepted seven
calls made by hijacker Khalid al-Mihdhar, who was living in San
Diego, California, to an al-Qaeda safe house in Yemen. The NSA
intercepted those calls using overseas signals intelligence
capabilities that could not capture al-Mihdhar’s telephone number
identifier. Without that identifier, NSA analysts concluded
mistakenly that al-Mihdhar was overseas and not in the United
States. Telephony metadata would have furnished the missing
information and might have permitted the NSA to notify the [FBI] of
the fact that al-Mihdhar was calling the Yemeni safe house from
inside the United States.

The government has trotted out this hypothetical many times
before, presumably because it is easier to speculate about plots
that might have been thwarted by the routine collection of
every American’s phone records than it is to cite any that actually
were. But as ProPublica’s Justin Elliott
pointed out last June, “U.S. intelligence agencies knew the
identity of the hijacker in question, Saudi national Khalid al
Mihdhar, long before 9/11 and had the ability find him, but they
failed to do so.” Furthermore, it is not clear why the NSA, having
eavesdropped on seven calls between al-Mihdhar and the Al Qaeda
safe house in Yemen, needed a database containing everyone’s phone
records to identify the source of those calls. The Justice
Department “could have asked the FISA Court for a warrant to all
phone companies to show all calls from the U.S. which went to the
Yemen number,”  former counterterrorism official Richard
Clarke told ProPublica. “Since they had one end of the calls (the
Yemen number), all they had to do was ask for any call connecting
to it.”

The three other examples cited by Pauley likewise do not show
that the comprehensive phone record database has been necessary to
stop attacks, as Leon noted:

None of the three “recent episodes” cited by the Government that
supposedly “illustrate the role that telephony metadata analysis
can play in preventing and protecting against terrorist attack”
involved any apparent urgency. In the first example, the FBI
learned of a terrorist plot still “in its early stages” and
investigated that plot before turning to the metadata “to ensure
that all potential connections were identified.” Assistant [FBI]
Director [Robert] Holley does not say that the metadata revealed
any new information-much less time-sensitive information that had
not already come to light in the investigation up to that point. In
the second example, it appears that the metadata analysis was used
only after the terrorist was arrested “to establish [his] foreign
ties and put them in context with his U.S. based planning efforts.”
And in the third, the metadata analysis “revealed a previously
unknown number for [a] co-conspirator…and corroborated his
connection to [the target of the investigation] as well as to other
U.S.-based extremists.” Again, there is  no indication that
these revelations were immediately useful or that they prevented an
impending attack.

Pauley does not actually claim the phone record database is
necessary to thwart terrorism—only that it has been useful in
gathering intelligence. Could a less sweeping approach, such as
specific warrants seeking information about calls to or from
particular targets, have been equally effective? Pauley deems that
question irrelevant:

The ACLU also argues that “[t]here are a number of ways in which
the Government could perform three-hop analysis without first
building its own database of every American’s call records.” That
has no traction. At bottom, it is little more than an assertion
that less intrusive means to collect and analyze telephony metadata
could be employed. But the Supreme Court has “repeatedly refused to
declare that only the ‘least intrusive’ search practicable can be
reasonable under the Fourth Amendment.”

In any case, as I
noted on Friday, the effectiveness of the NSA’s snooping is not
ultimately relevant to Pauley’s analysis. Since he concludes that
the Fourth Amendment does not apply to phone records (or any other
information held by third parties), there is no search to
justify.